What does this plugin do?

Make it quick! Where can I download it?

Why is there so much text below?

Because I hate cool plugins that are badly documented. Even the smallest piece of code needs some documentation. The following text is pretty exhaustive. Feel free to skip the sections you are not interested in. If you have a question about the plugin please first make sure you refer to the latest version of the plugin and the question is not answered on this page or in the comments of the plugin homepage. Then – and only then – post your question here.

Introduction

Motivation

It all started once I was trying to set up Filipe Fortes Post Levels plugin. At first I only did a patch for it, to make it run with WordPress 1.5.x the way I wanted. Then WordPress 2.0 came out with a complete overhaul of the user management system. Filipes plugin did not switch over to the new user management system but introduced its own. Exchanging some mails between Filipe and me, he explained that he will never switch to the new system in the overseeable future. This was the kick I needed to start a new plugin on my own.

Nowadays, my mission is to build an access restriction plugin for WordPress that is complete in its feature set but still easy to use. Besides implementing ideas of my own, I will add features known from other similar plugins as far as they make sense. Please use the voting to priorize the implementation of new features or leave a comment to suggest new features.

Concepts of Disclose-Secret

Disclose-Secret is an access restriction plugin for articles in your WordPress blog. Once installed you can select what potions of your written articles will be displayed to which user of your blog. By that you are able to expose articles only to a certain groups of users.

Securing your WordPress articles is the number one concern of this plugin. Because the plugin may be used to restrict access to sensible content, the plugin must avoid to give access to this content to unallowed users by any means. This goal must also be achieved once you have deactivated the plugin in your WordPress installation. If you find an error in the plugin that is causing this #1 goal to be corrupted, please contact me directly or write a comment.

What happened to the Post Restrictions plugin?

The Post Restrictions plugin was the predecessor of the Disclose-Secret plugin. Because concepts and features has changed dramatically since the first release of Post Restrictions, I thought it was time for renaming. There were other choices when searching for a new name like Mystery Monger, Shared Secrets, Gatekeeper or Secret Barker – just to name a few. Nevertheless the version number wasn’t reset back to 1.0 with the first release of Disclose-Secret but counted one major release number forward resulting in 2.0. Because of that Disclose-Secret and Post Restrictions are synonyms and can be used interchangeably.

Difference to other similar plugins

There are a lot of access restriction plugins available all doing slightly different things. Over time Disclose-Secret may absorb some of their features. The following list was gathered in the beginning of 2006 and may not be complete and probably outdated because some of the plugins may have been updated, including more features. Therefore the names of the compared plugins are given including the version number.

Post Levels 1.0

The Post Levels plugin by Filipe Fortes provided almost the same functionality in the days when this plugin was named Post Restrictions. A big bunch of code was taken from his plugin to set up this work. The main difference was that Post Restrictions could restrict access based on capabilities while Post Levels did its own permission management. With version 2.0 of this plugin, there were a lot of new features introduced that further departed both plugins in terms of functionality and code base.

ViewLevel 2.0

The ViewLevel plugin by Alex Tingle is based on the abandoned Viewlevel plugin by Kendra Burbank and isn’t yet ported to WordPress 2.0 as far as I know (although it was reported that it works) and so has no restrictions based on WordPress 2.0 roles/capabilities either. The restricted posts will become public when the plugin is deactivated.

Private Categories 0.2 (unavailable)

The Private Categories plugin by Greg Elin restricts complete categories from being read. The restricted posts will become public when the plugin is deactivated. Please note that access restriction based on categories is not and will not be implemented into Disclose-Secret. You can achieve the same functionality be restricting access based on a capability.

Other plugins

There are a lot of other plugins that I am simply to lazy to write some further text. Nevertheless they are all worth a mention because of implementing additional features, concepts and ideas that this plugin was or is still missing. A lot of inspiration for further extension of Disclose-Secret came and comes from this list of plugins:

Installation

Requirements

MySQL 4.1 or higher. This differs from the minimum requirement of WordPress 2.1 which only requires MySQL 4.0. If you don’t know what version your server is using, then just install the plugin. Disclose-Secret will notice you in the admin panel if the minimum requirements aren’t matched.

Installing the plugin

Download the Disclose-Secret plugin archive and extract it to your WordPress plugins directory

Activate the plugin in your WordPress admin panel

Finished. It couldn’t be easier. The rest is self-explanatory. ;)

Upgrade from previous versions

Usually if not specifically mentioned on this page you can upgrade from a previous version of this plugin by simply removing the content of the disclose-secret directory in your WordPress plugins directory and afterwards follow the installation instructions. Note that an upgrade may implicitly migrate settings of an older plugin version. Therefore you may not be able to downgrade back to an older version of the plugin.

Upgrade from version 1.2 (Post Restrictions)

Remove the post-restrictions directory from your WordPress plugins directory or at least deactivate the Post Restrictions plugin in your WordPress admin panel. Don’t use both plugins in parallel. Although I don’t expect to have security affected when running both plugins, I haven’t tested it and so behaviour is undefined. Afterwards follow the installation instructions.

Upgrade from version 1.1 and earlier

Because directory layout and file names have changed, you have to remove your old post_restrictions.php from your WordPress plugins directory and afterwards follow the installation instructions.

Migration from other restriction plugins

The Disclose-Secret plugin provides a configuration page in your WordPress admin panel available from the Options tab. If it recognizes that another restriction plugin was once in use, it provides an additional migration dialog at the end of the configuration page (see section "Configuration").

Once migration is done, you can retire and uninstall the old plugin. Don’t use both plugins in parallel. Although I don’t expect to have security affected when running both plugins, I haven’t tested it and so behaviour is undefined. Remember that migration can not be undone by this plugin. Currently migration was tested with the following plugins:

Uninstalling the plugin

For uninstalling the plugin simply delete the disclose-secret directory from the WordPress plugins directory. You even don’t need to deactivate the plugin in the WordPress admin panel. Read this topic if you want to know what happens to your already access restricted articles.

Security explained

The restriction state

The WordPress core system knows two restriction states. They are public for articles to show up even for unregistered users of your blog and private for arcticles only to show up for the user who has written the article. The Disclose-Secret plugin introduces a third virtual state called protected. Technically this is defined by the article having a post status of private and at least one access restriction set in the Disclose-Secret box in the Write dialog. This restriction state is weaker than the private state, but stronger than the public state. The restriction state will show up in the Manage dialog of the WordPress admin panel.

What is protected on protected articles?

Disclose-Secret can be used to protect your articles which are posts and pages. Once the article is protected by the plugin, the whole article including title, excerpt, content and its comments will only show up on the main page, archives, feeds, search results etc. while the viewer is logged in and fulfills one of the access criteria set for this article by the author.

Blog protection

If a user does not fulfill the access criteria, a direct access to the article – if the URL is known – will lead to an 404 error message by the WordPress system.

Feed protection

Since most RSS readers support HTTP authentication, you may chose to add http_auth=yes to the query string of the feed. This will prompt you for HTTP authentification with your WordPress credentials once you’ll access this URI. After successfull authentification you’ll get protected and private articles in your newsfeeds. The amount of data of the article shown in the newsfeed is configurable. You can show just the title, excerpt, or give the full content of your articles. This all is configurable on the plugin’s configuration page.

Protection when deactivating the plugin

If you deactivate the plugin, all your protected articles become private and are only visible to the user who has written it. This assures no content is leaked if you once decide to deactivate the plugin.

Configuration

The Disclose-Secret plugin can be configured on the admin panel under Options / Disclose-Secret. Depending on your WordPress installation and configuration one or more topics of the following screenshot may be missing. The options are described in detail on the plugin configuration page, so description in this document will be rather short.

Compatibility warning

You may see a compatibility warning as shown in the screenshot. This will happen, if your WordPress version does not match a the list of WordPress versions the Disclose-Secret plugin was tested for. In this case you’ll have the option to "Forcefully turn on" the plugin and overriding this warning. Do this on your own risk.

Write option

There are cases when displaying the Write dialog can become very slow. This is usually the case if your blog has a huge amount of users (up from a few hundrets). In this case you can turn off display of some of the access boxes in your Write dialog by setting the related options.

Newsfeed options

Newsfeeds may get cached by your feed reader and so you may not want to display sensible content in the newsfeeds to avoid that content be accessible from the cache.

Migration dialog

In case the Disclose-Secret plugin found another access restriction plugin to be used before, a migration dialog will be shown. See section "Migration" for further details.

Usage

There are many ways to set or query access restrictions for WordPress content. All interfaces are described in the following subsections by giving some examples.

Restrict access to… – an example

You can restrict access to WordPress articles based on user names, roles or even capabilities. If you set more than one access restriction, a user only needs to fulfill one of it to view the article. The following will give some examples. Assume you have the following users in your WordPress blog:

Fred Flintstone, that has a role of Editor assigned to

Wilma Flintstone, that has a role of Author assigned to

Barney Rubble, that has a role of Contributor assigned to

Betty Rubble, that has a role of Contributor assigned to

Pebbles Flintstone, that has a role of Subscriber assigned to

Bamm-Bamm Rubble, that has a role of Subscriber assigned to

The roles used for this example are installed by default in a fresh WordPress version. For this example we assume these roles have the capabilties assigned to as defined after a fresh WordPress installation.

Example 1: Boys talk

Assume Barney is writing a post talking about the last game of the Bedrock soccer team and only wants Fred to be allowed to read the post. In this case he would restrict access to the user Fred. Note that Wilma – although she is supposed to have more rights than Barney – will not be able to read the post.

Example 2: Rubble family affairs

Assume Betty is starting a post with a discussion about Wilmas next birthday present. Because she knows Fred will leak information if he reads this, she only wants her family to be allowed to read the post. Here she has some alternatives to achieve this:

a) She restricts access to user Barney and user Bamm-Bamm

b) She restricts access to user Bamm-Bamm and role Contributor (because she knows just Barney is assigned to this role)

c) She restricts access to user Barney, user Bamm-Bamm and role Contributor

Choice b) and c) may broaden the set of allowed readers if a new user with a role of Contributor will be created while choice a) is very specific about who can access the post. Choice c) will cause Barney to fulfill access criteria twice, first based on restriction to user Barney and second restriction to role Contributor. This is redundant but is totally legal.

User interface

Your Write dialog in the WordPress admin panel now has some new boxes called "Access by user", "Access by role" and "Access by capability". Simply choose the criteria a user must fulfill to read the article and save your changes afterwards.

Now a user can only read this article if he has at least one criteria in common with one you have set for the article. Once you have chosen at least one criteria from the Disclose-Secret boxes, it doesn’t make a difference whether you press the ‘Save’ or ‘Publish’ button or mark your article as ‘Published’ or ‘Private’ in the Post Status box. The Disclose-Secret plugin will adjust the post status in all cases to private and will protect you from accidently publishing a restricted article.

XHTML tags

If you don’t write your WordPress articles with the build-in Write dialog of WordPress you are still able to restrict access to articles by using XHTML styled tags in the articles content. The plugin will filter out these tags and will set access restrictions accordingly. Because not to break XHTML validation of your blog if the plugin is turned off, the XHTML tag is styled as a XHTML comment as you may know it from the WordPress tag <!--more-->. If you define more than one tag in your content, the last tag will overwrite all settings of previously defined tags. The EBNF styled syntax of this tag is:

By this given definition, the previous examples will translate into the following settings:

Example 1: Boys talk

<!--disclose-secret user="Fred"/-->

This is the setting you would use for example 1. This restricts access to user Fred.

Example 2: Rubble family affairs

<!--disclose-secret user="Barney, Bamm-Bamm"/-->

This is the setting you would use for example 2 a). This restricts access to user Barney and Bamm-Bamm.

<!--disclose-secret user="Bamm-Bamm" role="Contributor"/-->

This is the setting you would use for example 2 b). This restricts access to user Bamm-Bamm and role Contributor.

<!--disclose-secret user="Barney, Bamm-Bamm" role="Contributor"/-->

This is the setting you would use for example 2 c). This restricts acces to user Barney and Bamm-Bamm and role Contributor.

Example 3: Private parts

<!--disclose-secret/-->

a) Because you haven’t given any user, role or capability to restrict the access to the article, the plugin assumes you want to make this article private.

<!--disclose-secret user="The incredible Hulk"/-->

b) If you have set up the attributes or attribute values in a wrong way, they will simply be ignored. Assume that in this example the user Hulk does not exists. The attribute and its value will simply be ignored, leaving the <!--disclose-secret/--> tag itself without any attributes which will have the same effect as example 3 a). This assures that in this case the article will becomes private.

Template tags

Although the code for this plugin contains of a lot of functions you may call, I only recommend the following public interface to be used in your page templates:

is_private();

Must be called inside the loop and returns true if the article is private.

is_protected();

Must be called inside the loop and returns true if the article is protected.

Troubleshooting

Incompatibilities to other plugins or themes

The following list contains all plugins including the version number that will cause Disclose-Secret to break. Additionally the kind of impact is mentioned.

Adhesive 2.3 by Owen Winkler

There was a serious incompatibility with the Adhesive plugin and Disclose-Secret versions 2.3 and prior. Because I do not have a local copy of this plugin anymore and I could not retrieve a new copy, there still may be incompatiblities although I wouldn’t expect this. Thanks to Orlando and Tom for reporting this issue.

Known issues

FAQ – Frequently asked questions

Why does assigning a "Level X" capability an article allows all users of userlevel X and above to read this article?

This is as intended by the WordPress developers and the developer of this plugin. Userlevels are marked deprecated. Simply don’t use them. Get more information about the capability/roles model of WordPress 2 and above in the WordPress Codex.

How can I assign capabilities to my registered users?

Assigning capabilities to roles or users is out of the scope of this plugin. Because WordPress has no built-in configuration page in the admin panel to assign roles/capabilities, you need to install one of the available role/capability manager plugins. There may be more such plugins available as shown in the following list:

Why can’t I restrict access to pages?

Past, present and future

New versions

New versions may come out from time to time including new features or bugfixes. You can keep track of the plugins development by manually checking or subscribing to the comments. New releases will always justify the code and will cause the version number to be increased. Nevertheless the downloadable archive may change from time to time without having the version number to be increased. This will happen when I update the plugins documentation. In this case there will be no announcement on this site, because this may happen rather frequently.

Feature: In case the plugin disables itself because of a WordPress incompatibility issue, it is now possible to override this on the plugin configuration page. No more waiting for you until I checked the compatiblity. Hopefully you know what you are doing…

Version 2.4 (2007-02-22)

Requirements: The plugin requires MySQL 4.1 to be installed on your server.

Tested with WordPress 2.1 and 2.1.1. Might run with other 2.1.x aswell.

Change: All language localization files are now stored in the plugins subdirectory "languages".

Feature: Support for page restrictions. This is broken until WP bug #3705 is fixed or you have at least WordPress 2.1.1 installed. A patch file is applied to the bug report, so you may want to apply this manually on your WordPress installation.

Feature: Improved protection for dashboard. The plugin now protects the dashboard from revealing post titles if new unapproved comments are found for a restricted article.

Feature: Improved support for archives, search and navigation. The plugin now displays protected articles in the archives as well as searching thru them, if the user fulfills the access criteria. Also the "previous entries/next entries" functionality takes protected posts into account.

Roadmap

The roadmap contains features that will come in one of the next releases of the plugin. They are ordered by priority but may be hold back because of dependencies (e.g. unfixed bugs or missing features in the WordPress core)

Selectable amount of an article that should be restricted. This will enable you to only restrict an articles content but still let the title show up in the blog.

Vote for new features

You can vote for new feature to priorize the implementation. If your desired feature isn’t in this list, just write a comment and I will add it.

346 Kommentare

Lovely work and I’m looking forward to your promised update for modern WordPress versions, though I’m glad the plugin still works fine to protect posts in WP 2.5.1.

One bit of feedback. I installed Owen Winkler’s Role Manager (which is the one you have linked in your install section in this post) on my WP 2.5.1, which turned out to be bad (ended up locking my Administrator accounts out of being able to manage plugins and had to hack the dB to get that back). You may wish to update the text here and note that Winkler’s Role Manager is for WP 2.0 only. The best version for 2.0.x – 2.5.x is Thomas Schneider’s Role Manager 2.2.2 instead.

The Codex has more information, but it’s difficult to verify at Winkler’s site, where he looks like he’s essentially just deleted all documentation but still provides a zip of the plugin itself. Unfortunately I found all this out the hard way.

Thanks for everything else, though! Great plugin, looking forward to the update.

I second (third, fourth?) the nomination for an update to this plugin. In particular, I really need the capability to show the excerpt to non-logged in users (or users that don’t meet the minimum user level). Is there a way to hack this module so that I can show in unrestricted form at least the title and excerpt?

While waiting for version 2.5 of Disclose Secret I tried (hint:) the new Role Scoper plugin. It can do a lot, but it is also terribly complicated. Disclose Secret would be much welcomed, as it adds such great simplicity and end user friendliness.

It would be GREAT to have the plugin let non logged-in users see the title and excerpt (up to the tag) of a protected article.

Is there an alternative way to let non registered users know that a new protected article is available on the blog? It would be a great tool to promote blog subscriptions, for users who want to access full articles…

Good feedback — is there a version of a plugin that does what I created using Roles instead of levels? Or, are you finally planning on fixing Disclose Secret to allow what I have created above? I don’t think this plugin has been updated in a long while, and I certainly tried to use it as I specified above, but it didn’t work at all :(